public async Task <ActionResult <PutProductDTO> > PutProduct(string id, PutProduct putProduct)
        {
            var productToPut = await _context.Products.FindAsync(id);

            PutProduct putProductModel = putProduct;

            if (productToPut == null)
            {
                return(BadRequest(this.GetError(Error.PRODUCT_NOT_FOUND)));
            }
            if (!this.ValidTokenAdmin(putProductModel.AccessToken))
            {
                return(BadRequest(this.GetError(Error.INVALID_TOKEN)));
            }

            if (putProductModel.Name != null && putProductModel.Name.Length > 0)
            {
                productToPut.Name = putProduct.Name;
            }
            if (putProductModel.Type != null && putProductModel.Type.Length > 0)
            {
                productToPut.Type = putProduct.Type;
            }
            if (putProductModel.Description != null && putProductModel.Description.Length > 0)
            {
                productToPut.Description = putProduct.Description;
            }
            if (putProductModel.ImagePath != null && putProductModel.ImagePath.Length > 0)
            {
                productToPut.ImagePath = putProduct.ImagePath;
            }
            if (putProductModel.Price != null && putProductModel.Price.Length > 0)
            {
                productToPut.Price = Convert.ToDecimal(putProductModel.Price);
            }
            if (putProductModel.Status != null && putProductModel.Status.Length > 0)
            {
                productToPut.Status = putProduct.Status;
            }

            _context.Entry(productToPut).State = EntityState.Modified;

            try
            {
                await _context.SaveChangesAsync();
            }
            catch (DbUpdateConcurrencyException)
            {
                throw;
            }

            PutProductDTO putProductDTO = new PutProductDTO(productToPut);

            return(putProductDTO);
        }
Exemple #2
0
        public async Task <ActionResult <GetUserDTO> > GetUser(string email, [FromQuery(Name = "password")] string password, [FromQuery(Name = "accessToken")] string accessToken)
        {
            var userToGet = await _context.Users.Where(user => user.Email == email).FirstAsync();

            if (userToGet == null)
            {
                return(BadRequest(this.GetError(Error.INVALID_TOKEN)));
            }

            if (password == null && accessToken == null)
            {
                return(BadRequest(this.GetError(Error.INVALID_TOKEN)));
            }
            if (!userToGet.Password.Equals(new AES().EncryptToBase64String(password)))
            {
                return(BadRequest(this.GetError(Error.INVALID_PASSWORD)));
            }
            if (accessToken != null && !accessToken.Equals(userToGet.AccessToken))
            {
                return(BadRequest(this.GetError(Error.INVALID_TOKEN)));
            }
            if (accessToken != null && userToGet.tokenExpired())
            {
                return(BadRequest(this.GetError(Error.EXPIRED_TOKEN)));
            }

            var expiresTimestamp = new DateTimeOffset(DateTime.UtcNow).ToUnixTimeSeconds() + 60 * 60 * 24;

            userToGet.TokenExpires = expiresTimestamp.ToString();

            _context.Entry(userToGet).State = EntityState.Modified;

            try
            {
                await _context.SaveChangesAsync();
            }
            catch (DbUpdateConcurrencyException)
            {
                throw;
            }

            GetUserDTO getUserDTO = new GetUserDTO(userToGet);

            return(getUserDTO);
        }
Exemple #3
0
        public async Task <ActionResult <OrderDTO> > PutOrder(string id, PutOrder putOrder)
        {
            if (!this.ValidTokenUser(putOrder.AccessToken))
            {
                return(BadRequest(this.GetError(Error.INVALID_TOKEN)));
            }

            if (id == null)
            {
                return(BadRequest(this.GetError(Error.MISSING_ORDER_ID)));
            }
            if (putOrder.OrderProducts == null)
            {
                return(BadRequest(this.GetError(Error.MISSING_ORDER_PRODUCT)));
            }

            var currentUser = this.GetUserByToken(putOrder.AccessToken);
            var orderToPut  = await _context.Orders.Include("OrderProducts").FirstOrDefaultAsync(order => order.OrderId == id);

            if (orderToPut == null)
            {
                return(BadRequest(this.GetError(Error.ORDER_NOT_FOUND)));
            }
            if (!orderToPut.UserId.Equals(currentUser.UserId))
            {
                if (!this.ValidTokenAdmin(putOrder.AccessToken))
                {
                    return(BadRequest(this.GetError(Error.INVALID_TOKEN)));
                }
            }

            List <OrderProduct> orderProducts = new List <OrderProduct>();

            foreach (PutOrderProduct putOrderProduct in putOrder.OrderProducts)
            {
                Product productToOrder = this.GetProductById(putOrderProduct.ProductId);

                if (productToOrder == null)
                {
                    return(BadRequest(this.GetError(Error.PRODUCT_NOT_FOUND)));
                }
                if (putOrderProduct.Quantity == 0)
                {
                    return(BadRequest(this.GetError(Error.MISSING_QUANTITY)));
                }

                OrderProduct orderProduct = new OrderProduct();
                orderProduct.OrderId        = orderToPut.OrderId;
                orderProduct.OrderProductId = Guid.NewGuid().ToString();
                orderProduct.ProductId      = putOrderProduct.ProductId;
                orderProduct.Quantity       = putOrderProduct.Quantity;
                orderProduct.SubTotalPrice  = decimal.Multiply(productToOrder.Price, new decimal(orderProduct.Quantity));
                orderProducts.Add(orderProduct);
                _context.OrderProducts.Add(orderProduct);
            }

            decimal currentTotalPrice = orderToPut.OrderProducts.Sum(orderProduct => orderProduct.SubTotalPrice);
            decimal addPrice          = orderProducts.Sum(orderProduct => orderProduct.SubTotalPrice);
            decimal newTotalPrice     = decimal.Add(currentTotalPrice, addPrice);

            orderToPut.TotalPrice = newTotalPrice;

            if (this.ValidTokenAdmin(putOrder.AccessToken) && putOrder.Status != null)
            {
                orderToPut.Status = putOrder.Status;
            }

            _context.Entry(orderToPut).State = EntityState.Modified;

            try
            {
                await _context.SaveChangesAsync();
            }
            catch (DbUpdateConcurrencyException)
            {
                throw;
            }

            OrderDTO orderDTO = new OrderDTO(orderToPut);

            return(orderDTO);
        }